[Pkg-shadow-commits] r2122 - debian/branches/lenny/debian

nekral-guest at alioth.debian.org nekral-guest at alioth.debian.org
Thu Jun 12 22:11:48 UTC 2008 

Author: nekral-guest
Date: 2008-06-12 22:11:47 +0000 (Thu, 12 Jun 2008)
New Revision: 2122

Modified:
   debian/branches/lenny/debian/login.defs
Log:
  * Added description of new variables in /etc/login.defs:
    - SYS_UID_MIN, SYS_UID_MAX, SYS_GID_MIN, SYS_GID_MAX
    - ENCRYPT_METHOD
    - SHA_CRYPT_MIN_ROUNDS, SHA_CRYPT_MAX_ROUNDS


Modified: debian/branches/lenny/debian/login.defs
===================================================================
--- debian/branches/lenny/debian/login.defs	2008-06-12 22:10:15 UTC (rev 2121)
+++ debian/branches/lenny/debian/login.defs	2008-06-12 22:11:47 UTC (rev 2122)
@@ -176,12 +176,18 @@
 #
 UID_MIN			 1000
 UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
 
 #
 # Min/max values for automatic gid selection in groupadd
 #
 GID_MIN			  100
 GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
 
 #
 # Max number of login retries if password is bad. This will most likely be
@@ -266,8 +272,38 @@
 #
 # This variable is used by chpasswd, gpasswd and newusers.
 #
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
 #MD5_CRYPT_ENAB	no
 
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
 ################# OBSOLETED BY PAM ##############
 #						#
 # These options are now handled by PAM. Please	#

More information about the Pkg-shadow-commits mailing list